We are pleased to announce that Traceable AI has added a new agentless deployment option of traffic mirroring for customers who wish to deploy an API security solution to protect their API-driven applications.
Subscribe for expert insights to protect your applications.
Thanks! Your subscription has been recorded.
TechStrongTV interviews Jyoti Bansal, 3-time entrepeneur, about his latest startup in the cloud native application security space, Traceable AI.
The Traceable AI product overview, summarized in a hand-out format.
In this 12 minute video see an overview of Traceable Defense AI and how it uses security observability with artificial intelligence and machine learning to secure modern application architectures and their API’s.
This e-book offers a warning on what happens when you overestimate the security of your APIs. It provides a look into the tactics and techniques of API hacker Alissa Knight.
Aaron Lieberman shares best practices and insights into API security. This eBook is intended for developers, technical leads, architects, and leaders interested in building and securing a robust API environment.
In 2019, I hacked 30 bank mobile apps and APIs in coordination with domestic and international financial services and FinTech companies. In 2020-2021, I hacked 30 mobile health (mHealth) apps and FHIR APIs in coordination with healthcare providers, giving me access to thousands of patient records via their APIs due to broken authentication and authorization vulnerabilities. This year, in coordination with federal and state law enforcement agencies, I was able to take remote control of law enforcement vehicles through the automaker’s APIs.
Learn about Traceable and hear from expert customers and advisors about cloud-native application security
Bold security threats are giving rise to a new industry of API-specific security capabilities much more powerful than current management tools.
Learn how modern application architectures are driving an evolution and transformation in how applications are protected and secured.
New technologies are revolutionizing software development, but they potentially come with their own vulnerabilities. Is modern application development leaving you open to attack?
Requirements for securing modern applications. Learn how application security must evolve to protect modern cloud-native applications.
Learn about APIs and why they are so important for securing your web applications.
Using machine learning for cloud-native application security
In this webinar, Jyoti Bansal, CEO and Founder, Traceable.AI and Harness.io, explains how the new technologies of micro services, APIs, and cloud-native architectures have created new attack surfaces and potential vulnerabilities, and the things we are doing to help close the gaps.
Alan Shimel , Founder of Security Boulevard and Ashish Kuthiala, CMO of Traceable AI, discuss the importance of API Security for engineering teams and how to get get started.
The growing use of APIs means new API attack surfaces and methods that today’s security tools are inadequate to protect against. We’ll discuss what’s changed and what you can do about it.
Leading CISOs share their insights on cloud-native application security challenges and solutions
Episode I: Project Background and the Most Significant Threat to APIs
Episode II: Broken User Authentication, Excessive Data Exposure, Resources & Rate Limiting, and Broken Function Level Authorization
Episode III: Mass Assignment, Security Misconfiguration, Injection, Improper Assets Management, and Insufficient Logging & Monitoring
Episode IV: The Attacker’s Perspective, Approaches To API Pentesting, Best Tools For Finding Entry Points
Presentation to API Days London on API security and why we need to change our approach to application security given the new landscape of cloud-native, microservices and API-driven applications. Also covers Traceable AIs approach.
APIs are such a valuable asset to bad actors, but many organizations have not yet woken up to the realities of the need to protect their APIs from abuse. Aaron Lieberman (Big Compass), Dan Gordon (Traceable AI) cover how to go about doing so.
Come hear about the latest protocols supported in Traceable AI.
In this article, I dig into the details about Broken Object Level Authorization (BOLA) — the most common and most severe API vulnerability today according to the OWASP API Security Project. Insecure Direct Object Reference (IDOR) and BOLA are the same thing. The name was changed from IDOR to BOLA as part of the project.
With digital transformation in the financial service sector accelerating faster than ever, securing the technologies has never been more important. Our panelists explore the new challenges.
RASP, or Runtime Application Self-Protection, is a modern security technology that protects web applications from attacks during runtime. We’ll take a deeper look into RASPs. What their advantages are, and what their disadvantages are.
Observability plays an important role in a world full of modern cloud-native applications. It helps us to understand complex architectures, the root cause of the problems, and performance issues easily. In this Panel discussion, we will discussour panelists’ visions around observability.
Imagine you are supposed to build a python service using machine learning model (trained offline) to detect if a web request is anomalous or not. The requests are coming at a rate of 1000 per second initially but will gradually increase as your main application reaches more customers.
At Traceable, we’ve been keeping very busy in the last couple of months. During this time, we launched a number of exciting new offerings and key features with the continued aim to help our customers to have the best API Security solution in the industry.
Security is really important. There is nothing like the gut-wrenching feeling of exposing users’ data. However, security isn’t the most exciting part of web development and is often ignored. Using AWS CloudFront and AWS WAF together, you can add some security to your sites with less work and focus on making features for your users.
APIs are the pipes that connect various applications and (micro)services. As data flows through them, security is of utmost importance to prevent data leakage. Also, since APIs are like doors into your application, they’re the obvious entry point for attackers who want to break your system.
The majority of organizations rely heavily on third-party web applications connected through APIs to generate revenue and serve customers. In many cases, these web applications contain security vulnerabilities.
Better security rules increase false positives — which causes more complacency. Better tools for creating the context for more sophisticated rules and automated workflows can help.
As part of DevSecOps best practices, modern application developers and security teams should borrow techniques from crime scene forensics to investigate and protect against attacks.
Today marks an exciting milestone for us and for the security industry overall. Today, we are announcing the industry’s first free API security solution.
Teams need to address three core elements to develop an effective yet scalable model for API security.
Shadow APIs lurk outside the sight of normal IT governance processes. The problem: Attackers can use them to access data and applications.
Traceable was just named winner of the 2021 Fortress Cyber Security Award for application security. As CTO and co-founder, here’s my thoughts on this.
The president of the United States signed an Executive Order on improving the Nation’s Cybersecurity. It covers many things, one of which is zero trust architecture. What does this mean?
Like the undead, deprecated APIs can lurk hidden in the background until an attacker gives them new life. The fix? A proper funeral.
Traceable was just named winner of the Global InfoSec Awards for Next-Gen in Cybersecurity Artificial Intelligence during RSA Conference 2021. As CEO and co-founder, here’s my thoughts on this.
Attackers have learned to defeat traditional ‘moat around the castle’ perimeter defenses. Modern application security tools offer the answer: distributed tracing and AI that understands the app they protect.
Runtime Application Security-Protection tools have evolved from standalone technology to essential components guarding web applications.
Enterprises need to look beyond Web Application Firewalls to protect against API vulnerabilities
A discussion with Traceable AI CEO and co-founder Jyoti Bansal on how APIs, microservices, and cloud-native computing form a new frontier for cybersecurity vulnerabilities -- as well as opportunities for innovative defenses and resilience.
This blog about why my career transition to Traceable has taken longer than expected. My new job in this dynamic company has kept me very busy — in a good way.
What cloud application security options are available to protect personal data in the API economy?
When a security expert tested several dozen mobile health applications, all had API vulnerabilities that could leak personal information. This should be a warning call.